WebApp Sec mailing list archives
RE: Security and Development Best Practice Guidelines for .NET Framework
From: Mark Curphey <mark () curphey com>
Date: Thu, 09 Oct 2003 09:54:38 -0400 (EST)
I am assuming you have seen what I think is one of the best guides to building secure web apps out there? http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/ThreatCounter.asp If you haven't take a look. Its .NET focused but there is a lot of very good big picture stuff such as threat modeling and design that relevant to any technology. Cheers Mark ---- Curt Purdy <purdy () tecman com> wrote:
I am aware of the different guidelines that have been issued by Microsoft and @stake has performed an independent evaluation of the .NET FrameworkI don't know how you can call the @stake evaluation "indedpendent" when they have been bought and paid for by Microsoft to the point that they fire their CTO after he wrote a truly independent paper, "Cyberinsecurity: The Cost of Monopoly". Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA Information Security Engineer DP Solutions ---------------------------------------- If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked. -- White House cybersecurity adviser Richard Clarke
Current thread:
- RE: Security and Development Best Practice Guidelines for .NET Framework Mark Curphey (Oct 09)
- <Possible follow-ups>
- RE: Security and Development Best Practice Guidelines for .NET Framework Amit Klein (Oct 09)